Manage Admins through API

Bob · September 29, 2023, 10:16pm

I am working to automate admin access for pritunl.

Starting with revoking admins, I can get the list and individuals but can’t update them to disabled=true.

Any thoughts on what I can do?

GET
/admin
returns list of admins

GET
/admin/961517c61z5up849me995e71
returns only a specific admin

PUT
/admin/961517c61z5up849me995e71
returns 404.

Body
{
“id”: “961517c61z5up849me995e71”,
“username”: "test-rando-user,
“yubikey_id”: null,
“otp_auth”: true,
“otp_secret”: “”,
“auth_api”: false,
“token”: “xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”,
“secret”: "“xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx”,
“default”: false,
“disabled”: true,
“super_user”: true,
“audit”: true
}

Bob · October 2, 2023, 10:46pm

So I solved it by passing fewer attributes, and I also observed that the other attributes I didn’t pass were not wiped out. So this works. Also if you do this and have a blank username, the filed will be blank in pritunl, so be careful with that one.

PUT
/admin/961517c61z5up849me995e71

Body
{
“id”: “961517c61z5up849me995e71”,
“username”: "test-rando-user,
“disabled”: true,
}

ihor.latyntsev · October 24, 2023, 9:05am

Hi @Bob , how you authenticate your requests with admin credentials ?
Have you automated getting the admin API secret and token?